Those are all insecure. Many security questions were made insecure by China's hack of OPM clearance data which gave them a wealth of previous addresses, cities of birth, mother's maiden name, etc. Being emailed a link is meaningless. I can create an email account in two seconds, pretend to be you, then "verify" I am you with that email. Text messages are a PITA and not secure either. I can ask a phone company to port your number to my phone. Your phone company may stop that from happening but in some cases I can call them and pretend to be you and authorize the switch.
The file connecting the ballet metadata to the voter would not be available to "experts" unless they show cause
I didn't expect that. The unique ID on each ballot can be done securely if it is long enough and random enough. Many mail-in ballots are not. They have a code that's not much longer than the number of residents in the county and even assigned randomly they can figured out through process of elimination.
Bullshit. 2FA is secure enough for online banking, for access to HIPPA, and for my brokerage and cryto-exchange accounts. How much effort do you think some nefarious entity is willing to expend to gain access to ONE vote?
Being emailed a link is meaningless. I can create an email account in two seconds, pretend to be you, then "verify" I am you with that email.
No, you can't. The email address would be part of the information you provide when appearing in person at a government office to set up or renew your voter account. Changing your email address would have be done while logged in to your account. This is the normal way of doing business online, and it's more than good enough to secure ONE vote.